0

Weired problem! ASP.NET Session expires instantly. In my web.config I have this session settings: 

<sessionState mode="InProc" timeout="10000" />

AFAIK the timeout attribute's value is in minutes and can't be greater than 525,600 minutes (1 year). I don't understand what I am doing wrong here. Why is the session expiring. Is it a server memory issue? I don't think so, the server is pretty descent and it has only one site which isn't doing much after all. Ideas?
EDIT:
After setting the cookiless attribute to true, and while noticing the session id on the url, I can see that the session id CHANGING. I assume that this means the session is expiring. The IIS Settings are correct AFAIK (the enable session state checkbox is checked, and the value of the time is 20). A Picture is worth 100 words:

alt text http://img148.imageshack.us/img148/5053/sessionstate.jpg

Jon Seigel
  • 12,251
  • 8
  • 58
  • 92
Ahmed
  • 11,063
  • 16
  • 55
  • 67
  • need more information. Why do you say the session is expiring? If you set a session variable on one page and try and display it on another is it null on the other? Or using something like fiddler (fiddlertool.com) do you see the session cookie changing? – gjutras Aug 12 '09 at 12:48
  • No, one of my team-mates is setting up a session variable containing some info about the logged in user. – Ahmed Aug 12 '09 at 13:22

5 Answers5

1

Perhaps your browser doesn't store cookies correctly. Try setting session to cookieless mode and try again.

<sessionState mode="InProc" timeout="10000" cookieless="true" />
RaYell
  • 69,610
  • 20
  • 126
  • 152
0

You need to make sure Session is enabled with IIS as well as in the web.config.

Also, it's worth putting some logging on the Application Restart. You might have something else going wrong that is causing the whole app to reset.

Robin Day
  • 100,552
  • 23
  • 116
  • 167
0

I had this happen with a page once. It turns out that I was doing a Session.Abandon() in a place that I did not realize was called in the execution sequence (it related to login and the way I was using the membership provider). As a debugging tip, I would recommend putting a breakpoint on every Session.Abandon() and making sure that it's not being called when you don't expect it.

Russell Steen
  • 6,494
  • 6
  • 38
  • 56
  • Well, i created a blank new app on the same machine with only one button when clicked will save a value to the session. The sessions till expires though. – Ahmed Aug 12 '09 at 12:52
0

This has happened to me a couple of times and the main culprits have always been.

Someone updated a file in the web application causing it to restart, this normally happens when someone decides to update something in the web.config without realising this causes all the sessions to be dropped.

The other thing that has caused it for me is a setting in IIS that defines how long sessions last, if you go into the properties of your virtual directory/web site and click configuration, on the options tab is a session timeout duration check this is enabled and set to a high enough value.

Gavin
  • 17,053
  • 19
  • 64
  • 110
0

It turned to be a mistake of one of our team members, he was setting the session to be inproc though the site was distributed of 4 physical machines with Load-Balancing. I'm not sure if it's the problem though, but when I changed it to store the session in a SQL server, it worked! Will dig deeper this issue and report any further information I might get. Thanks you all Guys!

Ahmed
  • 11,063
  • 16
  • 55
  • 67
  • 1
    this is because by default, session is saved on the box that is serving a request. if you have 4 machines behind a load balancer, someone might make a request to box A which will now have session data for that user. however, if the next request is served from box B because of the load balancer, box B will have no way of knowing about session info on box A. this is why switching to sql server mode fixed your issue - because all 4 machines are then sharing session from the same location. – Mike Corcoran Nov 12 '13 at 17:39